class SessionsController < ApplicationController
  def new
  end

  def create
    user = User.find_by(email: params[:session][:email].downcase)
    user = user|| User.find_by(name: params[:session][:email])

    if user && user.authenticate(params[:session][:password])
      # Sign the user in and redirect to the user's show page.
      sign_in user
      redirect_back_or user
    else
      # 显示错误消息，重定向到登陆页面
      flash.now[:error] = '无效的账户名或密码'
      render 'new'
    end
  end

  def destroy
    sign_out
    redirect_to root_path
  end


end
